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~ The MAILING DATE of this communication appears on the cover sheet with the correspondence address - 
Period for Reply 

A SHORTENED STATUTORY PERIOD FOR REPLY IS SET TO EXPIRE 3 MONTH(S) FROM 
THE MAILING DATE OF THIS COMMUNICATION. 

- Extensions of time may be available under the provisions of 37 CFR 1 .136(a). In no event, however, may a reply be timely filed 
after SIX (6) MONTHS from the mailing date of this communication. 

- If the period for reply specified above is less than thirty (30) days, a reply within the statutory minimum of thirty (30) days will be considered timely. 

- If NO period for reply is specified above, the maximum statutory period will apply and will expire SIX (6) MONTHS from the mailing date of this communication. 

- Failure to reply within the set or extended period for reply will, by statute, cause the application to become ABANDONED (35 U.S.C. § 1 33). 

- Any reply received by the Office later than three months after the mailing date of this communication, even if timely filed, may reduce any 
earned patent term adjustment. See 37 CFR 1.704(b). 

Status 

1 )Kl Responsive to communication(s) filed on . 

2a)^ This action is FINAL. 2b)D This action is non-final. 

3) D Since this application is in condition for allowance except for formal matters, prosecution as to the merits is 

closed in accordance with the practice under Ex parte Quayle, 1935 CD, 1 1 , 453 O.G. 213. 
Disposition of Claims 

4) £3 Claim(s) 1-33 is/are pending in the application. 

4a) Of the above claim(s) is/are withdrawn from consideration. 

5) Q Claim(s) is/are allowed. 

6) (El Claim(s) 1-33 is/are rejected. 

7) Q Claim(s) is/are objected to. 

8) D Claim(s) are subject to restriction and/or election requirement. 

Application Papers 

9) D The specification is objected to by the Examiner. 

10)D The drawing(s) filed on is/are: a)D accepted or b)D objected to by the Examiner. 

Applicant may not request that any objection to the drawing(s) be held in abeyance. See 37 CFR 1 .85(a). 
1 1 )□ The proposed drawing correction filed on is: a)D approved b)D disapproved by the Examiner. 

If approved, corrected drawings are required in reply to this Office action. 

12) D The oath or declaration is objected to by the Examiner. 
Priority under 35 U.S.C. §§ 119 and 120 

13) D Acknowledgment is made of a claim for foreign priority under 35 U.S.C. § 1 19(a)-(d) or (f). 

a)D All b)D Some*c)D None of: 

1 0 Certified copies of the priority documents have been received. 

2.Q Certified copies of the priority documents have been received in Application No. . 



3-D Copies of the certified copies of the priority documents have been received in this National Stage 
application from the International Bureau (PCT Rule 17.2(a)). 
* See the attached detailed Office action for a list of the certified copies not received. 

14) D Acknowledgment is made of a claim for domestic priority under 35 U.S.C. § 119(e) (to a provisional application). 

a) D The translation of the foreign language provisional application has been received. 

15) D Acknowledgment is made of a claim for domestic priority under 35 U.S.C. §§ 120 and/or 121. 
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1 . This office action is in response to Amendment filed 2/10/03. Amended claims 1- 
29 and new claim 33 are pending. The rejection is cited as stated below. 

Response to Arguments 

2. Applicants arguments with respect to claim 1-32 have been considered but are 
not persuasive to overcome the prior art rejection. 

Applicant discloses the invention as controlling the access of client to a request 
resource (i.e.: Web server) in network environment including the client machines, 
gateway/router and Web server. First, the (handshake) request to target server (i.e.: 
Web server or shared connection). The gateway redirects the client request to a control 
server by rewriting address. The control server responses back to the gateway to verify 
the client access to the destination server. 

Cohen taught in Fig 1 the client requests have been redirected by a router. The 
router using proxy redirector to send the request to DNS server (i.e.: control server) to 
verify the request. If the request is accepted then it sent to origin server (i.e.: destination 
server). It clearly the prior art taught every technique described in the invention. Thus 
the rejection is sustained. 

3. Claims 1-33 are rejected under 35 U.S.C. § 103 as being obvious over Cohen et 
al [Cohen 6,389,462 B1] in view of the what was well-known in the art. 

4. As per claims 1 ,1 7 and 33 Cohen discloses a computer-readable medium having 
computer-executable instructions for controlling access to a desired resource hosted on 
a destination server. It is equivalent to a gateway/ router/ proxy server/ firewall connects 
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a client request to a remote server (i.e.: desired server, file server database server, ISP 
server). This is well-known in Internet art [Cohen abstract]. 

(a) receiving handshaking packets (i.e.: client request) from a client machine 
intended to begin a session with the destination server which is equivalent to a client 
sends a request to a desired server via a router or proxy server [Cohen Fig 1 ,3-6, col 7 
lines 1-10, col 8 line 59-col 9 line 18,col 13 line 36-col 14 line 20, col 15 lines 9-34]; 

(b) redirecting network communications, including the steps of: 

redirecting the handshaking packets by rewriting (i.e.: proxying) the destination 
address in the handshaking packets IP headers to route the packets to an access 
controlling web server which is equivalent to a router which rewrite the destination 
address to destination server [Cohen Fig 1,3, col 8 line 53-col 9 line 18]; 

receiving a content request packet from the client machine destined for the 
destination server intended to retrieve the desired resource (i.e.: destination port) from 
the destination server (i.e.: the origin server); [Cohen Fig 1 ,3-6, col 3 line 47-col 4 line 
27,col 14 lines 21-45,col 15 lines 35-67, col 16 line 1-col17 line 5] 

(c) receiving a response from the access controlling web server (i.e.: DNS 
server) [Cohen Fig 1 , col 6 lines 23-46]; and 

(d) controlling access of the client machine to the desired resource based on the 
response from the access controlling web server [Cohen Fig 1 ,col 8 line 59-col 9 line 
18] 

Cohen does not detail the and redirecting the content request packet by rewriting 
the destination address in the packet IP header to route the packet to the access 
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controlling web server. It is well-known in the art that a router/gateway/proxy server 
redirect the client request or rewrite the destination addresses of packet header [see 
Kirsch, Chung, Ebata, Grantges Jr., Applegate, Templin, Mwikalo, Gelman, Millet, 
Cherkasova references] 

Therefore, it would have been obvious to one having ordinary skill in the art at 
the time the invention was made to incorporate the technique of redirection the client 
request to the destination was well-known in the art into the Cohen's apparatus in order 
to facilitate the router on network. Doing so would enhance the security and provide a 
control access over the persistent connection. 

5. As per claims 2,18 Cohen discloses establishing a connection between the client 
machine and the destination server if the response indicates that access to the desired 
resource is allowable as inherent feature of DNS server [Cohen col 6 lines 47-67, see 
Cherkasova reference]. 

6. As per claims 3,19 Cohen discloses the content request packet comprises a GET 
URL packet [Cohen col 8 lines 1 1-52, col 15 lines 35-55]. 

7. As per claims 4,20 Cohen discloses the response indicates that access to the 
desired resource is allowable if the access controlling web server does not recognize 
the URL of the GET URL packet [Cohen col 5 lines 10-31]. 

8. As per claims 5,21 Cohen discloses the step of refusing a connection to the 
destination server, and establishing instead a connection between the client machine 
and the access controlling web server if the response is that the access controlling web 
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server recognizes the URL of the GET LTRL packet as inherent feature of redirect 
request. 

9. As per claims 6,13,22,29 Cohen discloses resending the handshaking packets 
and GET URL packet to the destination server transparently with respect to the client 
machine [Cohen col 8 line 53-col 9 line 18]. 

10. As per claims 8,1 5,24,31 Cohen discloses the step of determining whether to 
redirect network communications based on the content of a handshaking packet [Cohen 
Fig 3-6]. 

11. As per claims 9,16,25,32 Cohen discloses the step of determining whether to 
redirect network communications comprises deciding to redirect network 
communications if the handshaking packet is a SYN packet directed to port 80 on the 
destination server [Cohen col 6 lines 47-67]. 

1 2. As per claims 1 0,26 Cohen discloses the response indicates that access to the 
desired resource is allowable if the access controlling web server recognizes the URL of 
the GET URL packet as inherent feature of DNS server [Cohen col 6 lines 47-67]. 

13. As per claims 1 1 ,27 Cohen discloses the step of refusing a connection to the 
destination server, and establishing instead a connection between the client machine 
and the access controlling web server if the response indicates that the access 
controlling web server does not recognize the URL of the GET URL packet [Cohen col 5 
lines 10-31]. 

14. As per claims 12,28 Cohen discloses the access controlling web server is an 
RSACi Web Server as inherent feature of Web server [Cohen Fig 1]. 
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1 5. As per claims 7,1 4,23,30 Cohen discloses the invention as describe above, 
except embedding an identity token readable by the access controlling web server in 
the GET URL packet, wherein the identity token uniquely identifies the client machine. 

It is well-known in the art that an identifier (i.e.: URL) or other information could 
be embedded into a GET request wherein the request packet including sources- 
destination address (i.e.: client address) [see Chung col 2 lines 44-63] 

THIS ACTION IS MADE FINAL. Applicant is reminded of the extension of time 
policy as set forth in 37 CFR 1 .136(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within 
TWO MONTHS of the mailing date of this final action and the advisory action is not 
mailed until after the end of the THREE-MONTH shortened statutory period, then the 
shortened statutory period will expire on the date the advisory action is mailed, and any 
extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of 
the advisory action. In no event, however, will the statutory period for reply expire later 
than SIX MONTHS from the mailing date of this final action. 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to examiner Thong Vu, whose telephone number is (703)- 
305-4643. 

The examiner can normally be reached on Monday-Thursday from 8:00AM- 4:30PM. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Mark Powell, can be reached at (703) 305-9703. 

Any inquiry of a general nature or relating to the status of this application should 
be directed to the Group receptionist whose telephone number is (703) 305-9700. 

Any response to this action should be mailed to: Commissioner of Patent and 
Trademarks, Washington, D.C. 20231 or faxed to : 
After Final (703) 746-7238 
Official: (703) 746-7239 
Non-Official (703) 746-7240 
Hand-delivered responses should be brought to Crystal Park 1 1 ,2121 Crystal 
Drive, Arlington. VA., Sixth Floor (Receptionist). 
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